Netgate Discussion Forum
    Cloudflare MWAN (IPsec)

    IPsec

      timbo1083 (last edited by timbo1083)

      Hello! My IPsec tunnel is set up, and traffic is being passed through Cloudflare's MWAN service. The machines behind it pull 104.x public addresses (Cloudflare's pool), so all is well. MWAN, by default, allows site-to-site and site-to-internet connections.

      My Cloudflare setup also allows me to reference endpoints behind the tunnel. For instance, 192.168.100.0/24 is the LAN network, and I can use Cloudflare's load balancer with local traffic IPs to reference things in the /24.

      So I'd like to put a webserver at 192.168.100.100/24 for instance. Nothing special.

      Doing a pcap, I can see traffic coming in, but it doesn't seem to be returning. I imagine I'm missing a setting, but I want to allow all traffic to and from my LAN from the IPsec tunnel. I know it's not normal, but I want to allow any/any to and from IPsec traffic to get things going. But that firewall rule doesn't seem to work.

      Can anyone please advise?

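The symptom described in the post (packets arriving at the LAN host in the capture, but no replies leaving) can be confirmed mechanically from the pcap rather than by eye. The script below is an added example, not code from the post or from Netgate or Cloudflare: it reads simplified tcpdump-style summary lines, pairs packets into flows keyed by client address and ports, and lists the flows that have inbound packets but no outbound packets from the server. The capture text is constructed for illustration, the 104.0.0.x client addresses are placeholders standing in for the Cloudflare pool mentioned in the post, and 192.168.100.100 is the web server address the poster gives.

```python
"""Find one-directional flows in a tcpdump-style capture summary.

Added example, not from the forum post. Input is constructed, simplified
tcpdump text of the form "IP SRC.PORT > DST.PORT: Flags [..]". The local
server is the 192.168.100.100 web host named in the post; the 104.0.0.x
client addresses are constructed placeholders, not observed values.
"""
import re
from collections import defaultdict

LOCAL_SERVER = "192.168.100.100"

# Constructed sample: three client connections arrive, only the first
# gets a SYN/ACK back from the server; the other two are never answered.
SAMPLE_CAPTURE = """\
IP 104.0.0.10.51234 > 192.168.100.100.80: Flags [S]
IP 192.168.100.100.80 > 104.0.0.10.51234: Flags [S.]
IP 104.0.0.10.51234 > 192.168.100.100.80: Flags [.]
IP 104.0.0.11.40001 > 192.168.100.100.80: Flags [S]
IP 104.0.0.11.40001 > 192.168.100.100.80: Flags [S]
IP 104.0.0.12.40002 > 192.168.100.100.443: Flags [S]
"""

# tcpdump prints "a.b.c.d.port"; the first four octets are the address.
LINE_RE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+):"
)


def parse_flows(capture):
    """Return {(client_ip, client_port, server_port): {"in": n, "out": n}}.

    "in" counts packets addressed to LOCAL_SERVER, "out" counts packets
    the server sent back on the same flow. Lines that do not match the
    summary format (or involve other hosts) are ignored.
    """
    flows = defaultdict(lambda: {"in": 0, "out": 0})
    for line in capture.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        src, sport, dst, dport = m.group("src", "sport", "dst", "dport")
        if dst == LOCAL_SERVER:
            flows[(src, int(sport), int(dport))]["in"] += 1
        elif src == LOCAL_SERVER:
            # Reply direction: key the flow by the remote client side.
            flows[(dst, int(dport), int(sport))]["out"] += 1
    return dict(flows)


def one_way_flows(capture):
    """Flows with packets toward the server but no reply seen at all."""
    return sorted(
        key for key, counts in parse_flows(capture).items()
        if counts["in"] and not counts["out"]
    )


if __name__ == "__main__":
    for client_ip, client_port, server_port in one_way_flows(SAMPLE_CAPTURE):
        print(f"no reply: {client_ip}:{client_port} -> "
              f"{LOCAL_SERVER}:{server_port}")
```

A flow that shows up here tells you the request reached the host but the response never passed the capture point, which separates "the rule is blocking inbound" from "the return path is wrong" before any firewall rule is changed.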
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.